Today, AMR Corporation (NYSE: AMR), the parent company of American Airlines, Inc., sent letters to potentially affected retirees, former employees, and a limited number of current employees about a compromise of certain personal information. The data, which had been kept by AMR’s pension department, spans a time period from 1960 through 1995, and consists of images of historical microfilm files for approximately 79,000 retirees, former employees, and a limited number of current employees. No customer data was compromised.
AMR officials discovered and reported the theft of a hard drive at AMR headquarters in Fort Worth, Texas, on June 4, 2010. The drive contained images of historical microfilm files, which included names, addresses, dates of birth, Social Security numbers, and possibly other personal information, as well as a limited amount of bank account information. For some affected individuals, health insurance information (primarily enrollment forms, but also some coverage-related care, treatment, and other administrative materials) may also have been included.